diff --git a/README.md b/README.md
index d51f811..3ca862e 100644
--- a/README.md
+++ b/README.md
@@ -19,10 +19,10 @@ In development, pre production.
 ## Usage: BUS
-### RPC: verify(appid, token, appidtoverify, tokentoverify)
+### RPC: verify(appuuid, token, appuuidtoverify, tokentoverify)
 Verify whether the requesting app is authenticated. This is only
-allowed to be used for trusted appids.
+allowed to be used for trusted appuuids.
 Returns a JSON object:
@@ -57,10 +57,10 @@ Request JSON object:
 ```
 {
 version: "1",
- appid: "your-app-uuid",
+ appuuid: "your-app-uuid",
 token: "current time based token",
- appidtoverify: "appid that wants to be authenticated",
- tokentoverify: "current time based token of appidtoverify",
+ appuuidtoverify: "appuuid that wants to be authenticated",
+ tokentoverify: "current time based token of appuuidtoverify",
 }
 ```
@@ -89,7 +89,7 @@ Request JSON object:
 {
 version: "1",
- appid: "your-app-uuid",
+ appuuid: "your-app-uuid",
 token: "current time based token",
 username: "user this app belongs to",
 appname: "name of your web app"
@@ -100,7 +100,7 @@ Response JSON object:
 ```
 {
 status: "OK",
- appid: "UUID of your app",
+ appuuid: "UUID of your app",
 }
 ```
@@ -121,7 +121,7 @@ Request JSON object:
 {
 version: "1",
- appid: "your-app-uuid",
+ appuuid: "your-app-uuid",
 token: "current time based token"
 }
@@ -133,11 +133,11 @@ Response JSON object:
 apps: [
 {
 name: "name of your web app"
- appid: "UUID of your app",
+ appuuid: "UUID of your app",
 },
 {
 name: "name of your second web app"
- appid: "UUID of your second app",
+ appuuid: "UUID of your second app",
 }
 ]
 }
@@ -152,7 +152,7 @@ Request JSON object:
 ```
 {
 version: "1",
- appid: "your-app-uuid",
+ appuuid: "your-app-uuid",
 token: "current time based token"
 }
 ```
@@ -175,13 +175,36 @@ apps.
 ## Database
-The database saves a list of appids with their seeds and the user
-assignments as well as whether the appid might use the BUS interface.
+The database saves a list of appuuids with their seeds and the user
+assignments as well as whether the appuuid might use the BUS interface.
 Fields:
+- appuuid (a random UUID)
 - appname (name chosen by the user)
-- appid (a random UUID)
+- username (who this appuuid belongs to)
 - seed (a random base32 string)
-- username (who this appid belongs to)
-- trusted (boolean, whether app is allowed to use the BUS)
+- trusted (boolean, whether app is allowed to use the BUS and the
+ verify method)
+
+
+## Environment / Configuration
+
+- POSTGRES_USERNAME
+- SECRET_KEY -- random
+
+## Random notes / stuff
+
+django.db.backends.postgresql
+django.contrib.admin
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.postgresql',
+ 'NAME': 'mydatabase',
+ 'USER': 'mydatabaseuser',
+ 'PASSWORD': 'mypassword',
+ 'HOST': '127.0.0.1',
+ 'PORT': '5432',
+ }
+}
diff --git a/ungleichotp/otpauth/models.py b/ungleichotp/otpauth/models.py
index 71a8362..11b39d9 100644
--- a/ungleichotp/otpauth/models.py
+++ b/ungleichotp/otpauth/models.py
@@ -1,3 +1,9 @@
 from django.db import models
 # Create your models here.
+class OTPSeed(models.Model):
+ appuuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
+ appname = models.CharField(max_length=128)
+ username = models.CharField(max_length=128)
+ seed = models.CharField(max_length=128)
+ trusted = models.BooleanField(default=False)
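Review bot: `default=uuid.uuid4` on the `appuuid` field in `ungleichotp/otpauth/models.py` references `uuid`, but the hunk starts at line 1 of the file and the only import shown is `from django.db import models`, so loading this module would raise `NameError`; add `import uuid` above the Django import. Separately, `seed` is a plain `CharField`, so the long-lived OTP shared secret is stored in cleartext and is readable by anyone with access to the database, its backups or a model admin that exposes the field. Consider encrypting the seed at rest with a key kept outside the database (for example derived from a dedicated setting rather than stored next to the data). A short class docstring stating that `trusted` gates both the BUS interface and the `verify` RPC, as the README describes, would make the privilege boundary visible to whoever edits this model next.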